On Fri, Jul 12, 2013 at 11:56 AM, Sven Van Caekenberghe <[email protected]>wrote:
> > On 12 Jul 2013, at 16:44, Norbert Hartl <[email protected]> wrote: > > > Maybe you can specify your problem a bit more so. > > I think what he basically means: the app needs to access the db, for which > it needs a db password. How should he store it ? > > Yes, exactly. Answering also to Norbert...that's the case. Say someone hacks the server and has access to files. It would be too simple to browse a .txt file with data and get the password as plain text. (I will answer more in Norbert mail) > It also depends if there is only one db password, or one for each user, > and in the latter case, if it is the same as the one entered by the user. > > No, the db password is not supplied by the user. But it's not only one password either. There are a few (because there are a few databases). But all the users will use the same DB password/username. Thanks! -- Mariano http://marianopeck.wordpress.com
